Thursday, January 12, 2017

AX 2012 Security Unwrapped Series - Explaining Security Menu


This post will unwrap the Dynamics AX Security Menus and their functions.  The menu is located on the System administration Setup menu (see below).  I've also provided a diagram of the general format of the security form.  There is a lot of information provided, so I created a form template that describes the type of information that is displayed in each pane.
Setup Menu in AX
Diagram of Security Form
Assign users to roles
This menu item will allow you to assign multiple users to a role.  It is also a good form to use when you want to inquire on who is assigned a certain role.  When you first enter this form, it will display the list of roles in the left pane.  Click on a role to see the list of users directly assigned to this role in the lower middle pane.  I say directly because if you have embedded roles (this is discussed below in Security roles), then this form will not show those assignments.

The lower middle pane will display all AX users with a check mark beside the users that have access.  In the right pane, there are 2 sections displayed.  The top section shows the duties and privileges in the role and the lower section shows the roles of the selected user.  Select the Manually assign / exclude function in the lower middle pane to bring up another window where you can select additional users to add to this role. 
Assign users to roles - lower middle pane
If you want to assign roles specifically to a single user, then it is simpler to use the edit user form.  This menu item is in the System administration Common menu under Users > Users.  Select the user to edit.  This form offers several functions: you can Assign roles to a user or Remove multiple roles from a user, as well as limit a user's access by company using the Assign organizations function.
Common menu and Users edit form
The Assign organizations function allows you to limit a user to a specific company or list of companies.  By default, when you assign a user to a role, they have the access in all companies.  This function will allow you to modify the access of the specific user and specific role that has been selected.  As you can see below, when you enter the form you will see that Grant access to all organizations is selected, since it is the default.  Select Grant access to specific organizations individually, and the list of all company entities defined will then be displayed.  Select the desired company and click Grant.  The companies granted will be noted in the lower pane as seen below.  Use Revoke if you wish to remove a company from a user.
Assign organizations sub form
Security roles
Use this menu item to view, create, maintain, or delete roles.  When you first enter this form, the roles will be displayed in the left pane.  Navigate to an existing role in the left pane.  The upper middle pane displays the AOT name, Name, and description.  The lower middle pane is where you'll see the contents of the role, and this is also where you can add or remove duties and privileges.

If you want to embed a role within a role, in the left pane right click and hold a role, drag it to another role, and release.  You will see the role in the lower middle pane, and the role will have a + that you can use to expand the view in the left pane.

You can create a new role by clicking on New function for the left pane, then define it using the upper middle pane, and add duties and privileges using the lower middle pane.  
Security roles - lower middle pane
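The gap noted above, where Assign users to roles lists only direct assignments, can be closed in an access review by walking the role embedding.  This is an added example, not code from the original post or from Dynamics AX: it runs on constructed data, the role, user and company names are hypothetical, and it assumes a company restriction on an assignment also limits the roles embedded in the assigned role.

```python
# Constructed sample data; role, user and company names are hypothetical.
# EMBEDDED maps a role to the roles embedded inside it (its sub-roles).
EMBEDDED = {
    "AccountingManager": ["Accountant"],
    "Accountant": ["AccountsPayableClerk"],
}
# Direct assignments: (user, role, companies). None models the default
# "Grant access to all organizations".
ASSIGNMENTS = [
    ("alice", "AccountingManager", None),
    ("bob", "Accountant", {"USMF"}),
    ("carol", "AccountsPayableClerk", {"USMF", "DEMF"}),
]


def containing_roles(role, embedded=EMBEDDED):
    """Return every role that embeds `role`, directly or through a chain."""
    parents = {}
    for outer, inner_roles in embedded.items():
        for inner in inner_roles:
            parents.setdefault(inner, set()).add(outer)
    found, stack = set(), [role]
    while stack:
        for outer in parents.get(stack.pop(), ()):
            if outer not in found:      # guards against cyclic embedding
                found.add(outer)
                stack.append(outer)
    found.discard(role)
    return found


def effective_holders(role, company, assignments=ASSIGNMENTS, embedded=EMBEDDED):
    """Map user -> 'direct' or 'via <role>' for users who reach `role` in `company`."""
    outer_roles = containing_roles(role, embedded)
    holders = {}
    for user, assigned, companies in assignments:
        if companies is not None and company not in companies:
            continue                    # assignment limited to other companies
        if assigned == role:
            holders[user] = "direct"
        elif assigned in outer_roles:
            holders.setdefault(user, "via " + assigned)
    return holders


if __name__ == "__main__":
    for company in ("USMF", "DEMF"):
        print(company, effective_holders("AccountsPayableClerk", company))
```

Only the entry marked direct corresponds to what the form shows for the selected role; the others are the holders an access review would otherwise miss.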
Security Privileges
Displayed in the left pane are the security privileges in hierarchical order by processes, duties, and privileges.  Click on the + sign to expand.  In the lower middle pane, you'll see the details of the item that is selected in the left pane.  If you select a privilege, it will display the permissions and allow you to (1) add or remove privileges and (2) modify the access level of a permission.  Warning: if you change the access level, you are changing it globally for that permission!
Security privileges - lower middle pane
You can also create a new privilege.  Navigate to a duty in the left pane and click on the New function.  Define the privilege in the upper middle pane, and then add the desired permissions using the lower middle pane.  You can search for existing privileges by navigating by process cycle (as one option), find the desired privilege, and select permissions and set access levels.
Add permission sub-form
Other menu items on the Security Setup Menu
Security entry point permissions is the Security Development Tool.  This will be discussed in detail in a future post in this series.
Record level security is an AX 2012 feature; it is being deprecated in Dynamics 365 for Operations.  It will be replaced by Extensible Data Security (XDS).  At a high level, either function allows you to restrict access to only a part of a table.  For example, you can restrict access to only a segment of sales orders.
External roles displays roles that are intended to be assigned to users outside of the company, typically customers or vendors.
Segregation of duties is another sub-menu under Setup.  This will be the focus of a future post in this series.
